Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- BleepingComputer
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. The t ... Read more
- The Hacker News
Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution
DevSecOps / Vulnerability GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary u ... Read more
- Zero Day Initiative
Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection
In part 2, I describe the ApprovedApplicationCollection gadget, which was available for abuse because it did not appear on the deny list and could therefore be accessed via MultiValuedProperty. I am a ... Read more
- TheCyberThrone
GitLab fixes several vulnerabilities including CVE-2024-6678
GitLab has released critical security patches for its Community Edition (CE) and Enterprise Edition (EE) that could allow an attacker to execute arbitrary code.Vulnerability detailsCVE-2024-6678 with ... Read more
- BleepingComputer
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. ... Read more
- security.nl
Apple Vision Pro kon via eye-tracking wachtwoord van gebruikers lekken
Een kwetsbaarheid in de Apple Vision Pro maakte het mogelijk om wachtwoorden en andere invoer van gebruikers te achterhalen, zo ontdekten onderzoekers. Die rapporteerden het probleem aan Apple, dat ei ... Read more
- Cybersecurity News
Fortinet Faces Potential Data Breach, Customer Data at Risk
In a concerning development for cybersecurity giant Fortinet, a potential data breach has come to light, raising alarms about the security of sensitive customer information. The incident reportedly af ... Read more
- The Hacker News
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking
Cryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server tha ... Read more
- Help Net Security
Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-4 ... Read more
- security.nl
Actief misbruikt lek in Windows Installer sinds januari bij Microsoft bekend
Een kwetsbaarheid in de Windows Installer waar aanvallers actief misbruik van maken bij aanvallen was al sinds januari bij Microsoft bekend. Dat meldt securitybedrijf SEC Consult dat het probleem bij ... Read more